Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 26

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2771

Question

What should be the information security manager’s MOST important consideration when planning a disaster recovery test?

A. Stakeholder notification procedures
B. Organization-wide involvement
C. Impact to production systems
D. Documented escalation processes

Answer

C. Impact to production systems

CISA Question 2772

Question

Which of the following should be an information security manager’s MOST important consideration when conducting a physical security review of a potential outsourced data center?

A. Environmental factors of the surrounding location
B. Proximity to law enforcement
C. Availability of network circuit connections
D. Distance of the data center from the corporate office

Answer

A. Environmental factors of the surrounding location

CISA Question 2773

Question

The MAIN consideration when designing an incident escalation plan should be ensuring that:

A. information assets are classified.
B. appropriate stakeholders are involved.
C. high-impact risks have been identified.
D. requirements cover forensic analysis.

Answer

B. appropriate stakeholders are involved.

CISA Question 2774

Question

Which of the following is MOST important in determining a project’s feasibility?

A. The organization’s main competitor has initiated a similar project.
B. The IT steering committee endorses the project.
C. A project management methodology is established.
D. The project’s value is established in an approved business case.

Answer

D. The project’s value is established in an approved business case.

CISA Question 2775

Question

Which of the following is critical to the successful establishment of an enterprise IT architecture?

A. A well-defined data migration policy
B. Comparison of the architecture with that of other organizations
C. An architecture encompassing only critical systems
D. Organizational support for standardization

Answer

D. Organizational support for standardization

CISA Question 2776

Question

Which of the following is the MOST important privacy consideration for an organization that uses a cloud service provider to process customer data?

A. Data privacy must be monitored in accordance with industry standards and best practices.
B. All customer data transferred to the service provider must be reported to the regulatory authority.
C. No personal information may be transferred to the service provider without the consent of the customer.
D. Data privacy must be managed in accordance with the regulations applicable to the organization.

Answer

D. Data privacy must be managed in accordance with the regulations applicable to the organization.

CISA Question 2777

Question

An organization’s audit charter should:

A. set the enterprise strategic direction.
B. detail the audit objectives.
C. define the auditors’ right to access information.
D. include the IS audit plan.

Answer

B. detail the audit objectives.

CISA Question 2778

Question

Which of the following is MOST important for the successful establishment of a security vulnerability management program?

A. A comprehensive asset inventory
B. A tested incident response plan
C. An approved patching policy
D. A robust tabletop exercise plan

Answer

C. An approved patching policy

CISA Question 2779

Question

An organization is considering allowing users to connect personal devices to the corporate network. Which of the following should be done FIRST?

A. Configure users on the mobile device management solution.
B. Create inventory records of personal devices.
C. Implement an acceptable use policy.
D. Conduct security awareness training.

Answer

C. Implement an acceptable use policy.

CISA Question 2780

Question

Which is the PRIMARY objective of evaluating the readiness of information systems for implementation?

A. Determine whether IT systems projects are on schedule.
B. Determine whether the systems comply with the organization’s policy.
C. Determine whether the systems meet user requirements.
D. Determine whether the systems meet business requirements.

Answer

D. Determine whether the systems meet business requirements.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.